XDR Gains Attention Amid Security Operations Challenges


By Greg Tavarez

Security operations demand massive scale to collect, process, analyze and act upon large amounts of data. Early extended detection and response, or XDR, was an improvement on disconnected EDR and NDR tools, but security operations challenges continued to arise.

Trellix, a cybersecurity company delivering XDR, released findings from its “SOC Modernization and the Role of XDR” report and examined the state of security operations amid a challenging landscape. Not surprisingly, more than half of respondents believe their organization’s security operations environment has become more difficult to manage over the last two years.

The rise in difficulty is due to the increasingly dangerous threat landscape, a growing attack surface, the volume and complexity of security alerts and public cloud proliferation. To cope with the increasing threat volume and IT scale/sprawl, organizations have several initiatives focused on SOC modernization.

It’s not just the IT landscape, though, that is contributing to security challenges. Eighty-one percent of companies also say the cybersecurity skills shortage is impacting their operations.

Understaffed areas of security operations include:

  • Security architect (37%)
  • Security engineers (35%)
  • Tier-3 analysts (34%)
  • Vulnerability assessment/prioritization analysts (33%)

Cybersecurity skills shortages typically lead to increasing workload on existing staff as well as staff attrition and burnout – all of which increase risk within an organization.

Amid these cybersecurity challenges, XDR continued to gain more industry attention. In fact, 61% of security professionals claim they are very familiar with XDR technology. There is work still to do when it comes to raising XDR awareness, as 39% are still only somewhat familiar, not very familiar or not at all familiar with it.

Users are also confused about what XDR really is. A little more than half of security pros say XDR is an extension of EDR. About 44% believe XDR is a detection and response product from a single security technology vendor or an integrated and heterogeneous security product architecture designed to interoperate and coordinate on threat prevention, detection and response.

Regardless of how XDR is defined, security professionals continue to show interest in using XDR to help them address several threat detection and response challenges.

Edited by Erik Linask

MSPToday Editor
